CVE-2019-10241: Cross-Site Scripting
(updated )
Eclipse Jetty server is vulnerable to XSS conditions if a remote client USES a specially formatted URL against the DefaultServlet
or ResourceHandler
that is configured for showing a Listing of directory contents.
References
Detect and mitigate CVE-2019-10241 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →